Issue

Security Command Center Issue.

JSON representation
{
  "name": string,
  "detection": string,
  "description": string,
  "remediations": [
    string
  ],
  "severity": enum (Severity),
  "state": enum (State),
  "createTime": string,
  "lastObservationTime": string,
  "updateTime": string,
  "primaryResource": {
    object (Resource)
  },
  "secondaryResources": [
    {
      object (Resource)
    }
  ],
  "issueType": enum (IssueType),
  "mute": {
    object (Mute)
  },
  "exposureScore": number,
  "domains": [
    {
      object (Domain)
    }
  ],
  "securityContexts": [
    {
      object (SecurityContext)
    }
  ],
  "relatedFindings": [
    {
      object (Finding)
    }
  ]
}
Fields
name

string

Identifier. The name of the issue. Format: organizations/{organization}/locations/{location}/issues/{issue}

detection

string

The finding category or rule name that generated the issue.

description

string

The description of the issue in Markdown format.

remediations[]

string

Approaches to remediate the issue in Markdown format.

severity

enum (Severity)

The severity of the issue.

state

enum (State)

Output only. The state of the issue.

createTime

string (Timestamp format)

Output only. The time the issue was created.

Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: "2014-10-02T15:01:23Z", "2014-10-02T15:01:23.045123456Z" or "2014-10-02T15:01:23+05:30".

lastObservationTime

string (Timestamp format)

The time the issue was last observed.

Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: "2014-10-02T15:01:23Z", "2014-10-02T15:01:23.045123456Z" or "2014-10-02T15:01:23+05:30".

updateTime

string (Timestamp format)

Output only. The time the issue was last updated.

Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: "2014-10-02T15:01:23Z", "2014-10-02T15:01:23.045123456Z" or "2014-10-02T15:01:23+05:30".

primaryResource

object (Resource)

The primary resource associated with the issue.

secondaryResources[]

object (Resource)

Additional resources associated with the issue.

issueType

enum (IssueType)

The type of the issue.

mute

object (Mute)

The mute information of the issue.

exposureScore

number

The exposure score of the issue.

domains[]

object (Domain)

The domains of the issue.

securityContexts[]

object (SecurityContext)

The security context of the issue.

relatedFindings[]

object (Finding)

The findings related to the issue.

Resource

A resource associated with the an issue.

JSON representation
{
  "name": string,
  "displayName": string,
  "type": string,
  "cloudProvider": enum (CloudProvider),

  // Union field cloud_provider_metadata can be only one of the following:
  "googleCloudMetadata": {
    object (GoogleCloudMetadata)
  },
  "awsMetadata": {
    object (AwsMetadata)
  },
  "azureMetadata": {
    object (AzureMetadata)
  }
  // End of list of possible types for union field cloud_provider_metadata.
}
Fields
name

string

The full resource name of the resource associated with the issue.

displayName

string

The resource-type specific display name of the resource associated with the issue.

type

string

The type of the resource associated with the issue.

cloudProvider

enum (CloudProvider)

The cloud provider of the resource associated with the issue.

Union field cloud_provider_metadata. The cloud provider metadata of the resource associated with the issue. cloud_provider_metadata can be only one of the following:
googleCloudMetadata

object (GoogleCloudMetadata)

The Google Cloud metadata of the resource associated with the issue. Only populated for Google Cloud resources.

awsMetadata

object (AwsMetadata)

The AWS metadata of the resource associated with the issue. Only populated for AWS resources.

azureMetadata

object (AzureMetadata)

The Azure metadata of the resource associated with the issue. Only populated for Azure resources.

GoogleCloudMetadata

Google Cloud metadata of a resource associated with an issue.

JSON representation
{
  "projectId": string
}
Fields
projectId

string

The project ID that the resource associated with the issue belongs to.

AwsMetadata

The AWS metadata of a resource associated with an issue.

JSON representation
{
  "account": {
    object (AwsAccount)
  }
}
Fields
account

object (AwsAccount)

The AWS account of the resource associated with the issue.

AwsAccount

The AWS account of the resource associated with the issue.

JSON representation
{
  "id": string,
  "name": string
}
Fields
id

string

The AWS account ID of the resource associated with the issue.

name

string

The AWS account name of the resource associated with the issue.

AzureMetadata

The Azure metadata of a resource associated with an issue.

JSON representation
{
  "subscription": {
    object (AzureSubscription)
  }
}
Fields
subscription

object (AzureSubscription)

The Azure subscription of the resource associated with the issue.

AzureSubscription

The Azure subscription of the resource associated with the issue.

JSON representation
{
  "id": string,
  "displayName": string
}
Fields
id

string

The Azure subscription ID of the resource associated with the issue.

displayName

string

The Azure subscription display name of the resource associated with the issue.

Mute

The mute information of the issue.

JSON representation
{
  "muteState": enum (MuteState),
  "muteInitiator": string,
  "muteReason": string,
  "muteUpdateTime": string
}
Fields
muteState

enum (MuteState)

Output only. The mute state of the issue.

muteInitiator

string

The email address of the user who last changed the mute state of the issue.

muteReason

string

The user-provided reason for muting the issue.

muteUpdateTime

string (Timestamp format)

The time the issue was muted.

Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: "2014-10-02T15:01:23Z", "2014-10-02T15:01:23.045123456Z" or "2014-10-02T15:01:23+05:30".

Domain

The domains of an issue.

JSON representation
{
  "domainCategory": enum (DomainCategory)
}
Fields
domainCategory

enum (DomainCategory)

The domain category of the issue.

SecurityContext

Security context associated with an issue.

JSON representation
{

  // Union field security_details can be only one of the following:
  "context": {
    object (Context)
  },
  "aggregatedCount": {
    object (AggregatedCount)
  }
  // End of list of possible types for union field security_details.
}
Fields
Union field security_details. The security details of the security context. security_details can be only one of the following:
context

object (Context)

The context of the security context.

aggregatedCount

object (AggregatedCount)

The aggregated count of the security context.

Context

Context of a security context.

JSON representation
{
  "type": string,
  "values": [
    string
  ]
}
Fields
type

string

Context type.

values[]

string

Context values.

AggregatedCount

Aggregated count of a security context.

JSON representation
{
  "key": string,
  "value": integer
}
Fields
key

string

Aggregation key.

value

integer

Aggregation value.

Finding

Finding related to an issue.

JSON representation
{
  "name": string,

  // Union field type can be only one of the following:
  "cve": {
    object (Cve)
  },
  "securityBulletin": {
    object (SecurityBulletin)
  }
  // End of list of possible types for union field type.
}
Fields
name

string

The name of the finding.

Union field type. The type of the finding. type can be only one of the following:
cve

object (Cve)

The CVE of the finding.

securityBulletin

object (SecurityBulletin)

The security bulletin of the finding.

Cve

The CVE of the finding.

JSON representation
{
  "name": string
}
Fields
name

string

The CVE name.

SecurityBulletin

The security bulletin of the finding.

JSON representation
{
  "name": string
}
Fields
name

string

The security bulletin name.